Topic-specific policies
ISO/IEC 27404

Search this site

ISMS templates

< Previous standard      ^ Up a level ^      Next standard >


ISO/IEC 27404 — Cybersecurity — IoT security and privacy — Cybersecurity labelling framework for consumer IoT [DRAFT]



“This document defines a Universal Cybersecurity Labelling Framework for the development and implementation of cybersecurity labelling programmes for consumer IoT products.”
[Source: ISO/IEC JTC 1/SC 27 SD11 July 2024]


Although cybersecurity is seldom promoted as a feature of consumer-oriented IoT devices (things), it can be important. Inconsistent and unclear cybersecurity labelling does not help consumers appreciate their security and privacy objectives, nor evaluate and select things accordingly. Standardising the cybersecurity labelling of things is intended to improve consistency across the global market, increase consumer awareness and promote better cybersecurity designs.


Scope of the standard



Content of the standard




Drafting started in 2022.

The standard is at Committee Draft stage, coming along nicely.


Personal comments

Singapore standard TR 91:2021 Cybersecurity labelling for consumer IoT provides a sound basis from which to develop this standard. Editorial changes are being made to adopt the more formal ISO/IEC style.



< Previous standard      ^ Up a level ^      Next standard >

Copyright © 2024 IsecT Ltd. Contact us re Intellectual Property Rights